A critical command injection vulnerability in Wavlink WL-WN578W2 devices allows remote attackers to execute arbitrary code and fully compromise the network hardware.

The flaw resides in the POST request handler for /cgi-bin/wireless.cgi, specifically affecting the Delete_Mac_list, SetName, and GuestWifi functions. Attackers can inject malicious commands through these parameters without requiring local access.

This vulnerability leads to total device compromise, allowing attackers to monitor unencrypted traffic and redirect users to malicious sites. With a CVSS score of 9.8, the risk is Critical, as these devices often serve as the primary security barrier for small office and home networks.

Immediate Action: Immediately install the latest firmware update provided by Wavlink to patch the vulnerable CGI components.

Proactive Monitoring: Audit the device for any unfamiliar MAC addresses in the allowed list or unauthorized Guest Wi-Fi accounts.

Compensating Controls: Implement strict firewall rules to prevent access to the router's web management interface from external networks.

Public Exploit Available: Yes

The presence of a public exploit and the Critical severity of the flaw necessitate immediate action. Update the firmware now. If an update is not available, the device should be taken offline or replaced to prevent it from becoming a bridgehead for attackers.